
Computer Security - ESORICS 2024
Description
This four-volume set LNCS 14982-14985 constitutes the refereed proceedings of the 29th European Symposium on Research in Computer Security, ESORICS 2024, held in Bydgoszcz, Poland, during September 16-20, 2024.
The 86 full papers presented in these proceedings were carefully reviewed and selected from 535 submissions. They were organized in topical sections as follows:
Part I: Security and Machine Learning.
Part II: Network, Web, Hardware and Cloud; Privacy and Personal Data Protection.
Part III: Software and Systems Security; Applied Cryptography.
Part IV: Attacks and Defenses; Miscellaneous.

Content
- Intro
- Preface
- Organization
- Contents - Part II
- Network, Web, Hardware and Cloud
- PRETT2: Discovering HTTP/2 DoS Vulnerabilities via Protocol Reverse Engineering
- 1 Introduction
- 2 Background
- 2.1 HTTP/2
- 2.2 Protocol Reverse Engineering
- 3 Security Analysis for HTTP/2
- 3.1 Prior Works
- 3.2 Motivating Example
- 4 Proposed Framework for HTTP/2 Stateful Fuzzing
- 4.1 Trace Extraction
- 4.2 State Machine Inference
- 4.3 Stateful Fuzzing
- 5 Evaluation
- 5.1 Experimental Setup
- 5.2 State Machine Inference
- 5.3 Security Analysis
- 6 Related Work
- 7 Concluding Remarks
- References
- TurboTLS: TLS Connection Establishment with 1 Less Round Trip
- 1 Introduction
- 2 Background
- 2.1 Secure Channel Protocols over TCP
- 2.2 Secure Channel Protocols over UDP
- 3 TurboTLS Design
- 4 Features and Advantages
- 4.1 Comparison with Other Protocols
- 4.2 Denial-of-Service (DoS) Considerations
- 4.3 TurboTLS via Transparent Proxying
- 4.4 TurboTLS Improvements
- 5 Experimental Analysis
- 6 TLS Depth of Websites
- 7 Identifying Usecases
- 7.1 TurboTLS as an Alternative to QUIC
- 7.2 Generic Turbo Transport Situations
- References
- From Fingerprint to Footprint: Characterizing the Dependencies in Encrypted DNS Infrastructures
- 1 Introduction
- 2 Background
- 2.1 Standardized Encrypted DNS Protocols
- 2.2 Encrypted DNS Infrastructures
- 3 Encrypted DNS Servers in the Wild
- 3.1 Methodology
- 3.2 Result Overview
- 3.3 Encrypted Authoritative DNS Server
- 3.4 Open Encrypted DNS Resolver
- 4 Characterizing the Dependencies on Server Components
- 4.1 Methodology
- 4.2 DNS Server
- 4.3 DoH HTTP Server
- 5 Identify the Dependencies on Large DNS Providers
- 6 Discussion
- 6.1 Security and Privacy Implications
- 6.2 Limitations
- 6.3 Ethical Considerations
- 7 Related Work
- 7.1 Measurement of DoE Deployment
- 7.2 Measurement of DNS Infrastructures
- 8 Conclusion
- References
- Netfuzzlib: Adding First-Class Fuzzing Support to Network Protocol Implementations
- 1 Introduction
- 2 Background: Fuzzing Network Software
- 2.1 Modern Fuzzing Approaches
- 2.2 Fuzzing of Stateful Systems
- 2.3 Fuzzing Over Network I/O
- 3 Requirements for End-to-End Network Fuzzing
- 3.1 Requirement 1: Determinism
- 3.2 Requirement 2: Data Readiness Detection
- 3.3 Requirement 3: Liveness Detection
- 3.4 Requirement 4: Transfer of Execution on I/O Events
- 3.5 Requirement 5: High Fuzzing Throughput
- 3.6 Requirement 6: Handling Kernel Interaction
- 4 Motivation
- 4.1 Tester Perspective
- 4.2 Fuzzing Researcher Perspective
- 5 Overview of Netfuzzlib
- 5.1 Approach
- 5.2 Fuzzing Module Interface
- 5.3 Included Kernel APIs
- 5.4 Sound Co-operation with Non-emulated Environment
- 5.5 Liveness Heuristic
- 5.6 Netfuzzlib Usage
- 5.7 Implementation
- 6 Evaluation and Discussion
- 6.1 Checking Soundness
- 6.2 Experiment 1: Speeding up Fuzzing
- 6.3 Experiment 2: Adding Network Fuzzing Support
- 6.4 Experiment 3: Symbolic Execution
- 7 Related Work
- 8 Conclusion
- A Coverage Plots
- References
- BootRIST: Detecting and Isolating Mercurial Cores at the Booting Stage
- 1 Introduction
- 2 Preliminaries
- 2.1 What is Mercurial Core?
- 2.2 Linux Booting Process
- 2.3 CPU State and Hotplug in Linux Kernel
- 2.4 SIGILL in Linux System
- 3 Fault Model and Assumptions
- 4 Design
- 4.1 System Overview
- 4.2 Instruction Testing
- 4.3 Mercurial Core Detection
- 4.4 Mercurial Core Isolation
- 5 Implementation
- 5.1 Instruction Generation
- 5.2 Parallel Execution
- 5.3 Modification to Exception Handler
- 5.4 Mercurial Core Isolation
- 6 Evaluation
- 6.1 Evaluation Environment
- 6.2 Performance of Instruction Testing
- 6.3 Mercurial Core Detection and Isolation
- 6.4 System Performance Analysis
- 7 Discussion and Future Work
- 8 Related Work
- 8.1 Processor Failure
- 8.2 Discover Inconsistent Execution
- 9 Conclusions
- References
- Social Control and Interactivity in Anonymous Public Events
- 1 Introduction
- 2 The HIPE Framework
- 2.1 Modelling Social Control
- 2.2 Formalizing Interactivity Expectations
- 3 Verifying Interactivity
- 3.1 Step 1: Preprocessing
- 3.2 Step 2: Model Checking
- 4 An Empirical Case Study
- 4.1 Model Description
- 4.2 Experimental Setup
- 4.3 Interplay Between Social Control and Interactivity
- 4.4 Scaling Up
- 5 Related Works
- 6 Conclusion and Future Work
- A Small Model Property for ZoomH
- References
- Faster Post-quantum TLS 1.3 Based on ML-KEM: Implementation and Assessment
- 1 Introduction
- 2 Preliminaries
- 2.1 Notation
- 2.2 ML-KEM
- 2.3 AVX-512 Instruction Set
- 2.4 TLS 1.3 and PQ-TLS
- 3 Revisiting PQC Security of KEM in TLS 1.3
- 3.1 An Efficient Choice of PQ-Secure KEX: IND-1-CCA KEM
- 3.2 IND-1-CCA KEM Constructions
- 4 ML-KEM AVX-512 Implementation
- 4.1 Modular Reduction Implementation
- 4.2 NTT Implementation
- 4.3 SHA3 Keccak
- 4.4 Other Modules Implementation
- 5 ML-KEM TLS 1.3 Integration Design Consideration
- 5.1 Batch Key Generation Using Parallel Keccak
- 5.2 ML-KEM AVX-512 TLS 1.3 Migration Implementation
- 6 Discussions and Results
- 6.1 Experimental Setup
- 6.2 Speed of ML-KEM AVX-512 Implementation
- 6.3 ML-KEM AVX-512 TLS 1.3 Benchmark
- 6.4 TLS 1.3 Handshake with IND-1-CCA KEM
- 7 Conclusion
- References
- CRATOR a CRAwler for TOR: Turning Dark Web Pages into Open Source INTelligence
- 1 Introduction
- 2 Related Work
- 3 Design
- 3.1 Architecture
- 3.2 Breadth-First Crawling Approach
- 3.3 Link Validity Check
- 3.4 Login Forms and Cookies Rotation
- 3.5 CAPTCHA Detection
- 3.6 Connection Setup
- 3.7 Stop Criteria
- 4 Evaluation
- 4.1 Case Scenario
- 4.2 Metrics
- 4.3 Experimentation
- 5 Results
- 5.1 Coverage
- 5.2 Performance
- 5.3 Robustness
- 6 Discussion
- 7 Conclusion and Future Work
- References
- ProxyKiller: An Anonymous Proxy Traffic Attack Model Based on Traffic Behavior Graphs
- 1 Introduction
- 2 Related Work
- 2.1 Active Probing
- 2.2 Passive Traffic Identification
- 2.3 Summary
- 3 Motivation and Threat Model
- 3.1 Motivation
- 3.2 Threat Model
- 4 Methodology
- 4.1 Overview
- 4.2 Traffic Behavior Graph Construction
- 4.3 Graph-Level Traffic Feature Representation Learning
- 5 Evaluation
- 5.1 Dataset Setup
- 5.2 Ethical Concerns
- 5.3 Baselines and Metrics
- 5.4 Analysis of Experimental Results
- 5.5 Evaluation of Basic Node Feature Importance
- 6 Discussion
- 6.1 Time Overhead
- 6.2 Possible Resistance Measures
- 6.3 Incremental Learning Mechanism
- 7 Conclusion
- References
- Confidential and Verifiable Machine Learning Delegations on the Cloud
- 1 Introduction
- 1.1 Related Work
- 2 Preliminaries
- 2.1 Interactive Proofs
- 2.2 Secure Multiparty Computation
- 3 Confidential and Verifiable Delegation
- 3.1 Security Definitions
- 3.2 Overview of Our Scheme
- 3.3 GKR in MPC for General Circuits
- 3.4 GKR in MPC for Matrix Multiplications
- 3.5 Polynomial Commitments in MPC
- 4 Experiments
- 4.1 Performance of Our System
- 4.2 Comparison to Prior Work
- 4.3 Machine Learning Inference
- 5 Conclusions
- A Sumcheck Protocol
- B Phase 2 of the GKR Protocol in MPC
- C Additional Experiments
- References
- Process Identity-Based Firewalling
- 1 Introduction
- 2 Architecture
- 2.1 Endpoint Processes Identification
- 2.2 Network Integration
- 3 Implementation
- 3.1 Packet Interception and Modification
- 3.2 Inferring Process Identity
- 3.3 Filtering Mechanism
- 3.4 Support for Docker Containers
- 3.5 Windows Integration
- 4 Evaluation
- 4.1 Experimental Setup
- 4.2 Optimizations and Trade-Offs
- 4.3 Netfilter Queue Tuning
- 4.4 Performance Analysis
- 4.5 Integration with Xtables and snort3
- 5 Related Work
- 6 Future Work
- 7 Conclusion
- References
- Privacy and Personal Data Protection
- Privacy-Preserving Regular Expression Matching Using TNFA
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Related Work
- 2 Preliminaries
- 2.1 Regular Expressions and Thompson NFAs
- 2.2 Cryptographic Preliminaries
- 3 TNFA Simulation via Two Linear Scans
- 4 Secure Regular Expression Matching
- 4.1 Epsilon Transition via Oblivious Stack
- 4.2 Epsilon Transition via 1-Out-n+1 OT
- 5 Performance Evaluation
- 5.1 Performance Evaluation of Secure-Regex
- 6 Conclusion
- A Secure-Regex: Security Proofs
- A.1 Security Proof of OT-Based Secure-Regex
- A.2 Security Proof of OS-Based Secure-Regex
- References
- Nemesis: Combating Abusive Information in Encrypted Messaging with Private Reporting
- 1 Introduction
- 2 Problem Formulation
- 2.1 Overview of Nemesis
- 2.2 Threat Model
- 2.3 Security Goals
- 3 Design Overview
- 4 Constructing Nemesis
- 4.1 Preliminaries
- 4.2 Message Delivery and Reporting
- 4.3 Report-Hiding Tally
- 4.4 Secure Source Tracing
- 5 Security of Nemesis
- 6 Implementation and Evaluation
- 6.1 Benchmarks: Costs of Each Entity
- 6.2 Comparison with Prior Work
- 7 Conclusion and Discussion
- A Protocol for Secret-Shared Shuffle and Verification
- B Security Analysis
- References
- ARPSSO: An OIDC-Compatible Privacy-Preserving SSO Scheme Based on RP Anonymization
- 1 Introduction
- 2 Background
- 2.1 OpenID Connect
- 2.2 Proof of Knowledge
- 2.3 Anonymous Credential Based on PS Signature
- 3 Adversary Model, Assumptions and Target Properties
- 3.1 Adversary Model
- 3.2 Assumptions
- 3.3 Target Properties
- 4 Design
- 5 ARPSSO
- 5.1 Initialization
- 5.2 Registration
- 5.3 Single Sign-on
- 6 Analysis
- 6.1 Security of ARPSSO
- 6.2 Privacy of ARPSSO
- 7 Evaluation
- 8 Related Work
- 9 Discussion
- 10 Conclusion
- References
- DPC: Filtering Out Patch-Based Poisoned Samples with Differential Privacy
- 1 Introduction
- 2 Related Works
- 2.1 Patch-Based Data Poisoning Backdoor Attacks
- 2.2 Patch-Based Data Poisoning Backdoor Defenses
- 3 Preliminaries
- 3.1 Deep Learning with Differential Privacy
- 3.2 Threat Model
- 3.3 Filtering Backdoor Poisoned Samples
- 4 Differential Privacy for Backdoor Defenses
- 5 The Bi-optimization Training Strategy
- 6 DPC
- 6.1 Overview
- 6.2 Self-supervised Pre-training with DP-SGD Fine-Tuning
- 6.3 Clean Sample Identification
- 6.4 Adaptive Adjustment in DP-SGD Fine-tuning
- 7 Evaluation
- 7.1 Evaluation Setup
- 7.2 Main Results
- 7.3 Defensive Results on Different Poisoned Rates
- 7.4 Ablation Studies
- 8 Conclusion
- A Appendix
- A.1 Confusion Training with Poisoned Sample Identification
- A.2 The Self-supervised Pretrain Within the Robust Training
- References
- Private Decision Tree Evaluation with Malicious Security via Function Secret Sharing
- 1 Introduction
- 1.1 Related Works
- 1.2 Our Contributions
- 2 Preliminaries
- 2.1 Decision Tree Evaluation
- 2.2 Additive Secret Sharing
- 2.3 Function Secret Sharing
- 2.4 Verifiable Distributed Point Function (VDPF)
- 3 Secure Conditional Selection
- 3.1 Verifiable Comparison Protocol with Plaintext Input
- 3.2 Secure Verifiable Conditional Oblivious Selection Protocol
- 4 The Proposed FSSTree Scheme
- 5 Experiment
- 5.1 Setup
- 5.2 Evaluation of Verifiable Conditional Oblivious Selection
- 5.3 Evaluation of FSSTree Scheme
- 6 Conclusion
- A Security Proofs
- A.1 Security Proof of Verifiable Comparison Protocol VCMP
- A.2 Security Proof of Verifiable Conditional Oblivious Selection Protocol cos
- A.3 Security Proof of the FSSTree Evaluation Protocols FSSTree
- References
- Review the Cuckoo Hash-Based Unbalanced Private Set Union: Leakage, Fix, and Optimization
- 1 Introduction
- 1.1 Related Works
- 1.2 Overview of Our Technique
- 2 Preliminaries
- 2.1 Notations
- 2.2 Unbalanced Private Set Union
- 2.3 Security Model
- 2.4 Hash Tables
- 2.5 Permuted Reversed Private Membership Test (p-RPMT)
- 3 Our Attacks
- 3.1 Overview of Hash + RPMT Framework
- 3.2 Attack Vector
- 3.3 Explanation of Leakage
- 4 Fix for Hash + RPMT Framework
- 4.1 Parameter Adjustment
- 4.2 Prevent Computation of IA
- 5 Improving p-RPMT
- 6 Conclusion and Future Works
- A Shuffled PMT (s-PMT)
- A.1 Proof of DH Based s-PMT
- A.2 Permute + Share
- References
- BMI: Bounded Mutual Information for Efficient Privacy-Preserving Feature Selection
- 1 Introduction
- 2 Related Work
- 2.1 Feature Selection
- 2.2 Federated Feature Selection
- 2.3 Privacy-Preserving Feature Selection
- 2.4 Privacy-Preserving Machine Learning
- 3 Preliminaries
- 3.1 Feature Selection with the Filter Method
- 3.2 Cross Entropy and Mutual Information (MI)
- 3.3 Secure Multi-party Computation
- 4 Problem Statement
- 4.1 System and Threat Model
- 4.2 Solution Overview
- 5 Building Blocks for Privacy-Preserving Feature Selection with Mutual Information
- 5.1 Notation
- 5.2 A Baseline Secure Protocol for Mutual Information
- 5.3 Bounded Mutual Information
- 5.4 A More Efficient Secure Protocol for Mutual Information
- 5.5 Secure Feature Filtering Based on Mutual Information
- 6 Experimental Evaluation
- 6.1 Datasets
- 6.2 Experimental Results
- 7 Conclusion
- A Appendix: Cutoff Probability
- B Appendix: Computing the Logarithm in MPC
- References
- Task-Specific Knowledge Distillation with Differential Privacy in LLMs
- 1 Introduction
- 1.1 State of the Art
- 1.2 Our Proposal
- 1.3 Contributions
- 1.4 Organization
- 2 Preliminaries
- 2.1 Differential Privacy
- 2.2 Training Transformers with DP
- 2.3 Knowledge Distillation
- 3 Proposed Methodology
- 3.1 Preparation of General Teacher Model
- 3.2 Private Fine-Tuning of General Teacher Model
- 3.3 Initialization of Student Model
- 3.4 Private Task-Specific Knowledge Distillation
- 4 Experimental Setup
- 4.1 Source and Target Data
- 4.2 Baselines
- 4.3 Privacy Budget and Hyper Parameters
- 4.4 Privacy Analysis
- 5 Results and Discussion
- 5.1 A Comparative Analysis with Differentially Private Fine-Tuned Models
- 5.2 A Comparative Analysis with Fine-Tuned Models in a Privacy-Agnostic Context
- 5.3 Initialization of Student Models with Pre-distilled Models
- 6 Conclusion and Future Works
- References
- Exploiting Internal Randomness for Privacy in Vertical Federated Learning
- 1 Introduction
- 1.1 Randomness for Privacy in VFL
- 1.2 Contributions and Paper Outline
- 2 Background and Related Work
- 3 Distance-Based Empirical Local Differential Privacy
- 3.1 Formal Definition of dELDP
- 3.2 Application: dELDP for Trained VAEs in VFL
- 4 Experiments
- 4.1 Setup
- 4.2 Results
- 5 Conclusion and Future Work
- A Proof of Theorem 2
- References
- Code Voting: When Simplicity Meets Security
- 1 Introduction
- 2 Related Work
- 3 Protocol
- 3.1 The Swiss Context
- 3.2 Voter's View
- 3.3 Protocol Description
- 3.4 Security Claims
- 3.5 Design Rationale
- 4 Security Analysis
- 4.1 ProVerif in a Nutshell
- 4.2 Modeling the Protocol and Security Properties
- 4.3 Results
- 5 Conclusion
- References
- Speedy Privacy-Preserving Skyline Queries on Outsourced Data
- 1 Introduction
- 2 Preliminaries and Models
- 2.1 Preliminaries
- 2.2 System Model
- 2.3 Security Model and Goal
- 3 Our Scheme
- 3.1 System Initialization
- 3.2 Skyline Generation
- 3.3 Skyline Extraction
- 3.4 Optimized Construction
- 4 Correctness and Security Analysis
- 4.1 Correctness
- 4.2 Privacy and Leakage
- 5 Performance Analysis
- 5.1 Theoretical Analysis
- 5.2 Evaluation and Comparison
- 6 Conclusion and Future Work
- A Security Analysis with Simulation
- B Details for Skyline Diagram
- References
- RedactBuster: Entity Type Recognition from Redacted Documents
- 1 Introduction
- 2 Related Works
- 3 System and Threat Model
- 3.1 System Model
- 3.2 Threat Model
- 4 Methodology
- 4.1 Dataset
- 4.2 Data Processing
- 4.3 Models
- 5 Evaluation
- 5.1 Metric
- 5.2 Baseline
- 5.3 Finetuning
- 6 Countermeasures
- 7 Conclusions
- A Dataset
- A.1 Character Preprocessing
- A.2 Data Balancing
- B Character Evasion
- C Hardware and Software Configuration
- References
- Author Index
System requirements
File format: PDF
Copy protection: Watermark-DRM (Digital Rights Management)
System requirements:
- Computer (Windows; MacOS X; Linux): Use the free software Adobe Reader, Adobe Digital Editions, or any other PDF viewer of your choice (see eBook Help).
- Tablet/Smartphone (Android; iOS): Install the free app Adobe Digital Editions or another reading app for eBooks, e.g., PocketBook (see eBook Help).
- E-reader: Bookeen, Kobo, Pocketbook, Sony, Tolino and many more (only limited: Kindle).
The file format PDF always displays a book page identically on any hardware. This makes PDF suitable for complex layouts such as those used in textbooks and reference books (images, tables, columns, footnotes). Unfortunately, on the small screens of e-readers or smartphones, PDFs are rather annoying, requiring too much scrolling.
This eBook uses Watermark-DRM, a "soft" copy protection. This means that there are no technical restrictions to prevent illegal distribution. However, there is a personalised watermark embedded in the eBook that can be used to identify the purchaser of the eBook in the event of misuse and to provide evidence for legal purposes.
For more information, see our eBook Help page.